Skip to main content

Oracle Database

A database management system designed for high performance, scalability, and secure data storage across cloud and on-premises environments.

This pack includes XSIAM content.

Collect Events from Vendor

In order to use the collector, you will need to perform the following steps:

Broker VM

You will need to use the information described here.\
You can configure the specific vendor and product for this instance.

  1. Navigate to Settings -> Configuration -> Data Broker -> Broker VMs.
  2. Right-click the broker VM and select Database Collector -> Activate.
  3. When configuring the Database Collector, set:
    • vendor as oracle
    • product as db

Database Collector

You will need to use the information described here.\
When configuring the Database Connection the SQL Query should look as follows:

SELECT UNIFIED_AUDIT_TRAIL.*
FROM UNIFIED_AUDIT_TRAIL
WHERE UNIFIED_AUDIT_TRAIL.EVENT_TIMESTAMP > ?
ORDER BY UNIFIED_AUDIT_TRAIL.EVENT_TIMESTAMP DESC;

Make sure to use the correct value for "Retrieval Value", to match the Rising Column value type.

PUBLISHER

PLATFORMS

Cortex XSIAM

INFO

CertificationRead more
Supported ByCortex
CreatedJune 2, 2022
Last ReleaseJune 14, 2026
Network Security
DISCLAIMER
By downloading or using Marketplace content, you agree to the applicable Terms of Use and End User License Agreement. Third-party content is provided by its publisher, and Palo Alto Networks does not warrant, endorse, support, or assume responsibility for content not expressly identified as owned by Palo Alto Networks.